<?php

class Controller_Request extends Yaf_Request_Http
{

    public function isPost($checkCSRF = true, $checkBkn = false) {
        if (!parent::isPost()) {
            return false;
        }

        if ($checkCSRF && !$this->checkCSRF()) {
            return false;
        }

        if ($checkBkn && !$this->checkCSRFBkn()) {
            return false;
        }

        return true;
    }

    public function checkCSRF() {
        return $this->getCSRF() == $this->generateCSRFToken();
    }

    // CSRF
    public function checkCSRFBkn($strTokenIn = '', $skey = '') {

        $strTokenIn = $strTokenIn ?: $this->getPost('bkn', $this->get('bkn'));
        $skey = $skey ?: $this->getCookie('skey');

        if (!$skey) {
            return false;
        }

        $uiHash = 5381;

        for ($i = 0; $i < strlen($skey); ++$i) {
            $uiASCIICode = ord($skey[$i]);
            $uiHash += ($uiHash << 5) + $uiASCIICode;
        }

        $uiTokenOut = $uiHash & 0x7fffffff;
        $uiTokenIn = $strTokenIn;

        if ($uiTokenIn == $uiTokenOut) {
            return true;//ok
        } else {
            return false;// failed;
        }
    }

    /**
     * get 方法
     *
     * @returns
     */
    public function get($name = null, $default = null) {
        $value = parent::get($name);

        if ($value === '' || $value === null) {
            $value = $default;
        }

        return $value;
    }

    /**
     * getPost 方法
     *
     * @returns
     */
    public function getPost($name = null, $default = null) {
        $value = parent::getPost($name);

        if ($value === '' || $value === null) {
            $value = $default;
        }

        return $value;
    }

    /**
     * getCookie 方法
     *
     * @returns
     */
    public function getCookie($name = null, $default = null) {
        $value = parent::getCookie($name);

        if ($value === '' || $value === null) {
            $value = $default;
        }

        return $value;
    }

    /**
     * 获取 CSRF TOKEN
     *
     * @returns
     */
    public function getCSRF() {
        return $this->getPost('CSRFToken', $this->get('CSRFToken'));
    }

    /**
     * 生成 CSRF Token
     *
     * @param $specialadd
     *
     * @returns
     */
    public function generateCSRFToken($specialAdd = '') {
        $ua = $this->getServer('HTTP_USER_AGENT');

        $key = Yaf_Registry::get("global_config")->csrf->key;

        return substr(md5(substr(time(), 0, -5) . $ua . $key . $specialAdd), 8, 8);
    }

    /**
     * getClientIp
     * 获取客户端IP
     *
     * @return string
     */
    public function getClientIp() {
        $ip = FALSE;

        // 直接IP
        if ($this->getServer('HTTP_CLIENT_IP')) {
            $ip = $this->getServer('HTTP_CLIENT_IP');
        }

        // 代理
        if ($this->getServer('HTTP_X_FORWARDED_FOR')) {

            $ips = explode(", ", $this->getServer('HTTP_X_FORWARDED_FOR'));
            if ($ip) {
                array_unshift($ips, $ip);
                $ip = FALSE;
            }

            for ($i = 0; $i < count($ips); $i++) {
                if (!preg_match('/^(?:10|172\.(?:1[6-9]|2\d|3[01])|192\.168)\./', $ips[$i])) {
                    if (version_compare(phpversion(), "5.0.0", ">=")) {
                        if (ip2long($ips[$i]) != false) {
                            $ip = $ips[$i];
                            break;
                        }
                    } else {
                        if (ip2long($ips[$i]) != -1) {
                            $ip = $ips[$i];
                            break;
                        }
                    }
                }
            }
        }

        // QHTTPD 代理
        if ($this->getServer('HTTP_QVIA')) {
            $clientIp = long2ip(hexdec(substr($this->getServer('HTTP_QVIA'), 0, 8)));
            if (Validator::isIp($clientIp)) {
                $ip = $clientIp;
            }
        }

        if (!$ip) {
            return $this->getServer('REMOTE_ADDR');
        }

        return $ip;
    }
}
